How to Configure the Zone

Note that the only required elements to create a native non-global zone
are the zonename and zonepath properties.
Other resources and properties are optional. Some optional resources also
require choices between alternatives, such as the decision to use either the dedicated-cpu resource or the capped-cpu resource.
See Zone Configuration Data for
information on available zonecfg properties and resources.

You must be the global administrator in the global zone to perform this
procedure.

If this is the first time you have configured this zone, you will see
the following system message:

my-zone: No such zone configured
Use 'create' to begin configuring a new zone.

Create the new zone configuration.

This procedure uses the default settings.

zonecfg:my-zone> create

Set the zone path, /export/home/my-zone in this procedure.

zonecfg:my-zone> set zonepath=/export/home/my-zone

Do not place the zonepath on ZFS for releases prior
to the Solaris 10 10/08 release.

Set the autoboot value.

If
set to true, the zone is automatically booted when the
global zone is booted. Note that for the zones to autoboot, the zones service svc:/system/zones:default must also be enabled. The default value
is false.

zonecfg:my-zone> set autoboot=true

Set persistent boot arguments for a zone.

zonecfg:my-zone> set bootargs="-m verbose"

Dedicate one CPU to this zone.

zonecfg:my-zone> add dedicated-cpu

Set the number of CPUs.

zonecfg:my-zone:dedicated-cpu> set ncpus=1-2

(Optional) Set the importance.

zonecfg:my-zone:dedicated-cpu> set importance=10

The default is 1.

End the specification.

zonecfg:my-zone:dedicated-cpu> end

Revise the default set of privileges.

zonecfg:my-zone> set limitpriv="default,sys_time"

This line adds the ability to set the system clock to the default set
of privileges.

Set the scheduling class to FSS.

zonecfg:my-zone> set scheduling-class=FSS

Add a memory cap.

zonecfg:my-zone> add capped-memory

Set the memory cap.

zonecfg:my-zone:capped-memory> set physical=50m

Set the swap memory cap.

zonecfg:my-zone:capped-memory> set swap=100m

Set the locked memory cap.

zonecfg:my-zone:capped-memory> set locked=30m

End the memory cap specification.

zonecfg:my-zone:capped-memory> end

Add a file system.

zonecfg:my-zone> add fs

Set the mount point for the file system, /usr/local in this procedure.

zonecfg:my-zone:fs> set dir=/usr/local

Specify that /opt/zones/my-zone/local in the global zone is to be mounted as /usr/local in
the zone being configured.

zonecfg:my-zone:fs> set special=/opt/zones/my-zone/local

In the non-global zone, the /usr/local file system
will be readable and writable.

Specify the file system type, lofs in this procedure.

zonecfg:my-zone:fs> set type=lofs

The type indicates how the kernel interacts with the file system.

End the file system specification.

zonecfg:my-zone:fs> end

This step can be performed more than once to add more than one file
system.

(Optional)
Set the hostid.

zonecfg:my-zone> set hostid=80f0c086

Add a ZFS dataset named sales in the
storage pool tank.

zonecfg:my-zone> add dataset

Specify the path to the ZFS dataset sales.

zonecfg:my-zone> set name=tank/sales

End the dataset specification.

zonecfg:my-zone> end

(Sparse Root Zone Only) Add a shared
file system that is loopback-mounted from the global zone.

Do not perform this step to create a whole root zone, which does not
have any shared file systems. See the discussion for whole root zones in Disk Space Requirements.

zonecfg:my-zone> add inherit-pkg-dir

Specify that /opt/sfw in
the global zone is to be mounted in read-only mode in the zone being configured.

zonecfg:my-zone:inherit-pkg-dir> set dir=/opt/sfw

Note –

The zone's packaging database is updated to reflect the packages.
These resources cannot be modified or removed after the zone has been installed
using zoneadm.

End the inherit-pkg-dir specification.

zonecfg:my-zone:inherit-pkg-dir> end

This step can be performed more than once to add more than one shared
file system.

Note –

If you want to create a whole root zone but default shared file
systems resources have been added by using inherit-pkg-dir,
you must remove these default inherit-pkg-dir resources
using zonecfgbefore you install the
zone:

zonecfg:my-zone>remove inherit-pkg-dir
dir=/lib

zonecfg:my-zone>remove inherit-pkg-dir
dir=/platform

zonecfg:my-zone>remove inherit-pkg-dir
dir=/sbin

zonecfg:my-zone>remove inherit-pkg-dir
dir=/usr

(Optional) If you are creating an exclusive-IP zone, set the ip-type.

zonecfg:my-zone> set ip-type=exclusive

Note –

Only the physical device type will be specified in the add
net step.

Add a network interface.

zonecfg:my-zone> add net

(shared-IP only) Set the IP address
for the network interface, 192.168.0.1 in this procedure.

zonecfg:my-zone:net> set address=192.168.0.1

Set the physical device type for the
network interface, the hme device in this procedure.

zonecfg:my-zone:net> set physical=hme0

Solaris 10 10/08: (Optional, shared-IP only) Set the default router
for the network interface, 10.0.0.1 in this procedure.

zonecfg:my-zone:net> set defrouter=10.0.0.1

End the specification.

zonecfg:my-zone:net> end

This step can be performed more than once to add more than one network
interface.

Add a device.

zonecfg:my-zone> add device

Set the device match, /dev/sound/* in this procedure.

zonecfg:my-zone:device> set match=/dev/sound/*

End the device specification.

zonecfg:my-zone:device> end

This step can be performed more than once to add more than one device.

Add a zone-wide resource control by
using the property name.

zonecfg:my-zone> set max-sem-ids=10485200

This step can be performed more than once to add more than one resource
control.

Add a comment by using the attr resource
type.

zonecfg:my-zone> add attr

Set the name to comment.

zonecfg:my-zone:attr> set name=comment

Set the type to string.

zonecfg:my-zone:attr> set type=string

Set the value to a comment that describes
the zone.

zonecfg:my-zone:attr> set value="This is my work zone."

End the attr resource
type specification.

zonecfg:my-zone:attr> end

Verify the zone configuration for the
zone.

zonecfg:my-zone> verify

Commit the zone configuration for the
zone.

zonecfg:my-zone> commit

Exit the zonecfg command.

zonecfg:my-zone> exit

Note that even if you did not explicitly type commit at
the prompt, a commit is automatically attempted when you
type exit or an EOF occurs.

Using Multiple Subcommands From the Command Line

Tip –

The zonecfg command also supports multiple subcommands,
quoted and separated by semicolons, from the same shell invocation.